Skip to main content

Apple sends iPhone hack warning to Indian opposition leader; walks tricky line

Apple has sent iPhone hack warnings to the leader of India’s main opposition party, alongside other politicians opposing Narendra Modi’s government – placing Apple in a potentially delicate position.

A security researcher was also alerted, and shared a copy of the alert message he was sent, in which Apple advised enabling Lockdown Mode …

iPhone spyware

While iPhones are designed with security and privacy in mind, the sheer complexity of the code in A-series chips and iOS means that there are always zero-day vulnerabilities – flaws which are unknown to Apple – waiting to be discovered.

Discovering and exploiting these requires huge resources, with spyware companies paying hackers a million dollars or more for alerting them to new vulnerabilities which can be exploited. The best-known iPhone spyware is NSO’s Pegasus, while Paragon’s Graphite is another example.

The most notable thing about Pegasus and Graphite is that they use zero-click attacks, where you don’t need to fool the user into tapping a link or visiting a website – merely receiving a carefully-crafted iMessage, without interacting with it in any way, is enough to compromise the phone. The spyware then provides the attacker with access to almost everything on it it, including messages, emails, photos, contacts, and locations.

Both the US government and Apple have been fighting back. The US banned the import and use of Pegasus, while Apple has for two years proactively alerted those it believes have been targeted.

iPhone hack warning sent to Indian opposition leader

TechCrunch reports that Apple has sent an iPhone hack warning to Rahul Gandhi, the leader of India’s main opposition party. Additional warnings have been sent to others.

Apple has warned over a half dozen Indian lawmakers from Prime Minister Narendra Modi’s main opposition of their iPhones being targets of state-sponsored attacks, these people said Tuesday, in a remarkable turn of events just months before the general elections in the South Asian nation.

Rahul Gandhi, Indian opposition leader, said in a media briefing Tuesday that his team had received the said alert from Apple. Shashi Tharoor, a key figure from the Congress party; Akhilesh Yadav, the head of the Samajwadi Party; Mahua Moitra, a national representative from the All India Trinamool Congress; Priyanka Chaturvedi of Shiv Sena, a party with notable influence in Maharashtra reported that they too had been notified by Apple regarding a potential security attack on their iPhones.

Others notified include two well-known political journalists.

Puts Apple in a delicate position

The cost and work involved in compromising iPhones in this way means that these attacks are almost exclusively carried out by state actors – that is, governments.

In this case, the obvious suspect is the Indian government, seeking to spy on opposition politicians and others likely to have knowledge about plans for the upcoming election campaign.

As with China, Apple relies on close cooperation with the Indian government to facilitate rapidly-growing iPhone production in the country. CEO Tim Cook has personally met with Indian prime minister Narendra Modi on a number of occasions.

Some of the negotiations involved have been extremely lengthy and complex – especially those around opening Apple Stores in the country – and the Cupertino company would not want to do anything to upset that relationship.

At the same time, it can’t sit back and do nothing when it knows that the Indian government is hacking iPhones.

The company walked a delicate line in describing the attacks as state-sponsored, without identifying a state, and being careful to say that it might be wrong.

State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future.

Security researcher also alerted

A mobile security researcher who tweets as peterpan0927 also received the same alert from Apple, which he shared on Twitter. In it, he is advised by Apple to enable Lockdown Mode.

Photo: Shubham Sharma/Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications